RFAP: Remote File Access Protection in Linux Kernel

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：30

、訪客IP：3.136.22.12

姓名

趙庭浩(Ting-Hao Chao) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(RFAP: Remote File Access Protection in Linux Kernel)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2028-6-30以後開放)

摘要(中)

隨著嚴重特殊傳染性肺炎疫情爆發，居家辦公已經成為常見的工作模式，遠端連線的需求也隨之上升，其安全性也越來越被重視，像是遠端連線軟體的漏洞、使用者帳密被竊取、被植入後門程式等等都是常見的安全問題。
為了解決這些遠端連線的安全問題，本文在 Linux 作業系統實作了一套防禦機制 (RFAP)，能夠有效的限制遠端連線使用者對特定檔案進行操作。RFAP 透過 socket 相關的操作來判斷使用者是否為遠端連線，若判斷為正在進行遠端連線，執行檔案操作的 system call 會進行額外的權限檢查。RFAP 能夠在不影響遠端連線者正常使用下運行，並且能夠完全保護重要的檔案，在遠端連線的情況下就算系統管理者的帳號也無法對受保護的檔案進行操作，希望這套新的機制可以讓使用者在遠端連線時更加安全。

摘要(英)

With the outbreak of COVID-19 pandemic, work from home has become more and more popular, and the demand for remote connection has increased accordingly. The security of remote connections has also become increasingly important. Common security issues including vulnerabilities in remote connection software, password brute force attack, and the implantation of backdoor programs.
To address these security concerns in remote connections, this thesis proposes the implementation of a defense mechanism called Remote File Access Protection (RFAP) in the Linux operating system. RFAP effectively restricts remote users from performing operations on specific files. RFAP determines whether a user is engaged in a remote connection by inspecting socket operations. If a remote connection is detected, additional permission checks are performed on file operation system calls. RFAP can operate without disrupting the normal usage of remote connections and provides complete protection for critical files. We hoped that this new mechanism will enhance the security of users during remote connections.

關鍵字(中)

★ 作業系統

關鍵字(英)

論文目次

中文摘要..................................................................................................... i
Abstract...................................................................................................... ii
目錄........................................................................................................... iii
圖目錄.........................................................................................................v
表目錄....................................................................................................... vi
第 1 章緒論 ...........................................................................................1
第 2 章背景介紹 ...................................................................................4
2.1 Socket....................................................................................................................... 4
2.2 Linux socket 結構.................................................................................................... 8
第 3 章相關研究 .................................................................................10
第 4 章系統實作 .................................................................................11
4.1 設計目標................................................................................................................ 11
4.2 系統架構................................................................................................................ 12
4.3 機制運作流程........................................................................................................ 13
4.4 遠端連線標記機制................................................................................................ 14
4.5 權限限制方式........................................................................................................ 16
第 5 章實作成果及分析 .....................................................................18
5.1 實作環境................................................................................................................ 18
5.2 功能測試................................................................................................................ 19
5.3 效能測試................................................................................................................ 22
iv
第 6 章討論 .........................................................................................24
6.1 優點........................................................................................................................ 24
6.2 研究限制................................................................................................................ 25
6.3 未來工作................................................................................................................ 26
第 7 章結論 .........................................................................................27
第 8 章參考資料 .................................................................................28

參考文獻

[1] 陳莉雅、何欣潔、卞中佩、李家豪、黃傲天(2021)。數據分
析：台灣軟封城逾月，人們持續自律嗎？「在家工作」狀況如
何？。檢自 https://theinitium.com/article/20210629-taiwanlockdown-wfh-data/ (Jun. 24, 2023)
[2] CVE website(線上)。檢自 https://cve.mitre.org/ (Jun. 24, 2023)
[3] SSH : Security Vulnerabilities(線上)。檢自
https://www.cvedetails.com/vulnerability-list/vendor_id120/SSH.html (Jun. 24, 2023)
[4] Hydra website(線上)。檢自 https://www.kali.org/tools/hydra/ (Jun.
24, 2023)
[5] frakw(2021)。計算機網路概論。檢自
https://hackmd.io/@frakw/BkeoRUtFP#21-principles-of-networkapplications (Jun. 24, 2023)
[6] zake7749(2015)。TCP Socket Programming 學習筆記。檢自
http://zake7749.github.io/2015/03/17/SocketProgramming/ (Jun. 24,
2023)
[7] Madcola(2017)。Linux 编程之 UDP SOCKET 全攻略。檢自
https://www.cnblogs.com/skyfsm/p/6287787.html (Jun. 24, 2023)
[8] LinuxHub(2021)。socket fd 是什么？。檢自
https://mp.weixin.qq.com/s/J7LP8C-RkkHQmOWgcrq5bA (Jun.
24, 2023)
[9] Phuong M. Cao, Yuming Wu, Subho S. Banerjee, Justin Azoff, Alex
29
Withers, Zbigniew T. Kalbarczyk and Ravishankar K. Iyer,
"CAUDIT: Continuous Auditing of SSH Servers To Mitigate BruteForce Attacks," Proceedings of the 16th USENIX Symposium on
Networked Systems Design and Implementation, NSDI 2019, pp.
667-682, 2019.
[10] Saikat Chakraborty, Rahul Krishna, Yangruibo Ding, and Baishakhi
Ray , " Deep Learning Based Vulnerability Detection: Are We There
Yet?," IEEE Transactions on Software Engineering ( Volume: 48,
Issue: 9, 01 September 2022), pp. 3280-3296, 2021.
[11] Tom Ganz, Inaam Ashraf, Martin Härterich and Konrad Rieck, "
Detecting Backdoors in Collaboration Graphs of Software
Repositories," CODASPY ′23: Proceedings of the Thirteenth ACM
Conference on Data and Application Security and Privacy, 2023, pp.
189-200, 2023.

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2023-7-20

推文